CVE-2010-2287 CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wireshark (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Lucid |
Won't Fix
|
Medium
|
Mahyuddin Susanto | ||
Maverick |
Fix Released
|
Undecided
|
Unassigned | ||
Natty |
Fix Released
|
Medium
|
Unassigned |
Bug Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
affects ubuntu/wireshark
status inprogress
assignee udienz
importance medium
security yes
done
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2287 to
the following vulnerability:
Name: CVE-2010-2287
URL: http://
Reference: MLIST:[
vulnerabilities
Reference: URL: http://
Reference: CONFIRM: http://
Reference: CONFIRM: http://
Reference: MANDRIVA:
Reference: URL:
http://
Reference: SECUNIA:40112
Reference: URL: http://
Reference: VUPEN:ADV-2010-1418
Reference: URL: http://
Buffer overflow in the SigComp Universal Decompressor Virtual Machine
dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8
has unknown impact and remote attack vectors.
Upstream commits:
trunk: http://
trunk: http://
trunk-1.2: http://
trunk-1.0: http://
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://
iF4EAREIAAYFAk1
2wD640H3tD4sViL
=/7oZ
-----END PGP SIGNATURE-----
visibility: | private → public |
Changed in wireshark (Ubuntu Maverick): | |
status: | New → Fix Released |
Changed in wireshark (Ubuntu Lucid): | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in wireshark (Ubuntu Natty): | |
assignee: | Mahyuddin Susanto (udienz) → nobody |
status: | In Progress → Fix Released |
Changed in wireshark (Ubuntu Lucid): | |
assignee: | nobody → Mahyuddin Susanto (udienz) |
lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".